package com.newasia.management.controller;

import com.newasia.commons.result.ResponseData;
import com.newasia.commons.result.ResponseUtil;
import com.newasia.management.ISysRoleService;
import com.newasia.management.ISysUserService;
import com.newasia.management.constants.ManagementRetCode;
import com.newasia.management.dto.user.login.*;
import com.newasia.management.dto.user.user.DeleteSysUserRequset;
import com.newasia.management.dto.user.user.DeleteSysUserResponse;
import com.newasia.management.dto.user.user.SysUserListRequset;
import com.newasia.management.dto.user.user.SysUserListResponse;
import com.newasia.management.form.PageInfo;
import com.newasia.management.form.SysRoleForm;
import com.newasia.management.form.SysUserForm;
import com.newasia.management.shiro.SHA256Util;
import com.newasia.management.shiro.ShiroUtils;
import lombok.extern.slf4j.Slf4j;
import org.apache.dubbo.config.annotation.Reference;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.subject.Subject;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Map;

@Slf4j
@RestController
@RequestMapping("/management")
public class LoginController {

    @Reference(timeout = 3000)
    ISysUserService sysUserService;

    @PostMapping("/login")
    public ResponseData login(@RequestBody Map<String,String> map,
                              HttpServletRequest request, HttpServletResponse response){
        SysUserLoginRequest loginRequest = new SysUserLoginRequest();
        loginRequest.setUserName(map.get("userName"));
        loginRequest.setPassword(map.get("userPwd"));
        //String captcha=map.get("captcha");
        String code = "000000";

        SysUserLoginResponse loginResponse = new SysUserLoginResponse();
        sysUserService.selectUserByName(loginRequest);

        //进行身份验证
        try{
            //验证身份和登陆
            Subject subject = SecurityUtils.getSubject();
            UsernamePasswordToken token =
                    new UsernamePasswordToken(loginRequest.getUserName(), loginRequest.getPassword());
            //验证成功进行登录操作
            subject.login(token);
        }catch (IncorrectCredentialsException e) {
            code = "009001";
        }catch (LockedAccountException e) {
            code = "009006";
        }catch (AuthenticationException e) {
            code = "009007";
        } catch (Exception e) {
            code = "009099";
        }
        if (!code.equals(ManagementRetCode.SUCCESS.getCode())) {
            return new ResponseUtil<>().setErrorMsg(code,ManagementRetCode.getMessage(code));
        }
        loginResponse = ShiroUtils.getUserInfo();
        loginResponse.setToken(ShiroUtils.getSession().getId().toString());
        loginResponse.setCode(code);
        loginResponse.setMsg(ManagementRetCode.getMessage(code));
        loginResponse.setSalt("");
        return new ResponseUtil().setData(loginResponse);
    }
}
